There has been an explosion lately in the number and manner of software and business applications over the web. Generally, many different passwords and software tokens are known in order to identify users and permit access to the software applications. However, generally, these solutions are costly and involve complicated and expensive hardware to function. In one prior art solution, a key that updated continuously over the day with new passwords is used. However, this requires a bulky and expensive solution. Furthermore, if data is captured it is possible for a user to reverse engineer the data to obtain a code illegally. Accordingly, there exists a need for a method and apparatus to conveniently, quickly, and accurately detect the propriety of a login in a manner that is cost effective and that prevents the unauthorized access of third parties.